471 matches found
CVE-2026-42796
Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the /rest/configure REST endpoint that accepts a plugins query parameter and forwards it to the plugin manager without authentication or authorization. Attackers can supply a URL to a malicious Python file...
PT-2026-36887
Name of the Vulnerable Software and Affected Versions Arelle versions prior to 2.39.10 Description An unauthenticated remote code execution issue exists in the '/rest/configure' REST endpoint. The endpoint accepts a plugins query parameter and forwards it to the plugin manager without requiring...
MAL-2026-3197 Malicious code in sdoihgio9sudghsiudbg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 61f008a0a874bc97bef2f5d2c59d64b4ae73b7cdb66970e5f82a5abb8186372d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3191 Malicious code in rblx-https (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b7d7435a6bcfd1a9437108a21af9ca6be7c60aa1e0c6e9e90a40ac43b26cf67 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in timemcp-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2370fd05b77259c6177d02a019d357a9e7773539588345fe4a5582a9582a1aa3 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
Malicious code in core-roblox-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 51e9fdba29b05ebf3bb0fb66dcf05dd021562b52449128a930f28ff073b4e1d7 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3044 Malicious code in quicksolving (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 334524bfbf6438acc5016e76054740cdb532bdd9921695cbcc1852c568226708 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
CVE-2026-41265
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the AirtableAgents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt...
EUVD-2026-25294
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the AirtableAgents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt...
MAL-2026-2834 Malicious code in loadcoremwassistant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 20499474b0d0eb5a02bdd34aba8dbd438993b87506fb7a9bd88a62a729736221 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
EUVD-2026-22311
The Python remote debugging feature could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via the remote debugging feature. This vulnerability requires persistently and repeatedly connecting to the process to be...
CVE-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target
The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...
MAL-2026-2570 Malicious code in robase-app (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 596d80290905c61841be2afc4bb833850683b152c52f8e58bce3faa32afe7deb During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-2556 Malicious code in api-analysis (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c3bf88cef3ca699f69bada95749b40c4426c9a9c528e53c473698be88cbdc783 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-2547 Malicious code in ixosmonitoring (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cfca4d7a38a0805f56b3bddcef1b421a8584a4d52df7a1a22676369679347bf5 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2548 Malicious code in ks-hex2pcap (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 90b58f7aa303c563186a1d1c2a89d13caec4e0c04a48f6838fcba294b7846e96 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2538 Malicious code in bogus-nydus-op (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dc5b423ccd6e29bde31dc5123f2e888f3eaedc3fddf020aab581d2b8e64cc8a8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2541 Malicious code in gd-auth-sso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8f23b8545f85df66640646272b028ab4db1032fcb4fd5bbd745971b3438cc4f1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
GHSA-955R-262C-33JC Telnyx has malicious code in PyPI versions 4.87.1 and 4.87.2
Summary On March 27, 2026, a threat actor used compromised PyPI credentials to publish malicious versions 4.87.1 and 4.87.2 of the telnyx Python package directly to PyPI. These versions contain credential-stealing malware and were not published through the legitimate GitHub release pipeline...
MAL-2026-2283 Malicious code in interwebz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 02fa95914b7edc63771b97f48f4e05119f87309224b5e9b5aa990ab6dda8acc2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...